08-29-2011 09:55 AM - edited 03-11-2019 02:18 PM
Hi all,
I have a situation that I'm trying to improvise a solution to... We have lost our main Internet connection, which is used to connect (via a L2L IPsec tunnel) out branch office to us. So now I'm trying to bring up a VPN tunnel on another available Internet connection we have, but I cannot connect to the ASA via ASDM because the ruleset on the remote ASA is set to only allow conn's from our public IP block (which is the one that's down.) I don't have a local ASA to look at; can someone tell me how to configure the remote ASA to allow another netblock to connect to it via ASDM/SSH? I'll have to walk the remote site admin thru the config, so I need pretty explicit instructions.
Thanks!
Solved! Go to Solution.
08-29-2011 11:12 AM
asa>enab
asa# conf t
asa(config-t)#ssh 0.0.0.0 0.0.0.0 outside
That should do it...you'll be able to ssh into the box, but so will everyone else, so don't keep it up too long. (Obviously, they'll need a username/password to get into it.) You can put the explicit address that you're coming from if you want with a 32-bit mask (192.168.1.1 255.255.255.255 outside), but if you lose that address then you'll need to do it over again.
ASDM:
Same premise, but like:
http 0.0.0.0 0.0.0.0 outside
Definitely remove these when you're done....
HTH,
John
08-29-2011 11:12 AM
asa>enab
asa# conf t
asa(config-t)#ssh 0.0.0.0 0.0.0.0 outside
That should do it...you'll be able to ssh into the box, but so will everyone else, so don't keep it up too long. (Obviously, they'll need a username/password to get into it.) You can put the explicit address that you're coming from if you want with a 32-bit mask (192.168.1.1 255.255.255.255 outside), but if you lose that address then you'll need to do it over again.
ASDM:
Same premise, but like:
http 0.0.0.0 0.0.0.0 outside
Definitely remove these when you're done....
HTH,
John
08-29-2011 03:06 PM
OK, that did it... I was able to get in. Thanks!
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide